November 22, 2020

Disabling Locker Service by lowering the API version to 39 or earlier in Salesforce

Disabling Locker Service by lowering the API version to 39 or earlier in Salesforce

Locker Service is a powerful security architecture for Lightning components. Locker Service enhances security by isolating Lightning components that belong to one namespace from components in a different namespace. Locker Service also promotes best practices that improve the supportability of your code by only allowing access to supported APIs and eliminating access to non-published framework internals.

1. It downgrades the security.
2. Features/Functionalities introduced after Spring'17 cannot be utilized since the API Version doesn't support it.
3. Don’t Mix Component API Versions
For consistency and ease of debugging, we recommend that you set the same Salesforce API version for all custom components in your app, containment hierarchy (component within component), or extension hierarchy (component extending component).
If you mix API versions in your containment or extension hierarchy and Lightning Locker is enabled for some components and disabled for other components, your app will be harder to debug.
https://developer.salesforce.com/docs/atlas.en-us.lightning.meta/lightning/security_ls_api_version_mix.htm
4. Locker Service prevents Cross Site Scripting (XSS). So, your component becomes prone to it.

No comments:

Post a Comment